Company That Lets Parents Spy On Their Kids' Computer Usage... Has Database Hacked And Leaked

from the after-denying-it-all dept

There are lots of apps out there for parents spying on their kids computer/smartphone activities -- with the marketing pitch often being about how this will help "keep them safe" or some other such thing. mSpy is one of those companies, advertising right on the front page about how its snooping software can "keep children safe and employees efficient." It leaves out the bit about making both distrustful, but that's another debate for another day. Brian Krebs recently revealed that a "huge trove of data" had been leaked from mSpy and was being shared around the darkweb. And it exposed not just customer names but "countless emails, text messages, payment and location data" of those children and employees that the company was supposedly making "safe" and "efficient."

mSpy's response? Well, first it was to deny the breach entirely, saying that it was a bogus "predatory" attack:
“There is no data of 400,000 of our customers on the web,” a spokeswoman for the company told the BBC. “We believe to have become a victim of a predatory attack, aimed to take advantage of our estimated commercial achievements.”
And, of course, a day or two later, mSpy actually admitted the truth... which was that of course it had been hacked and had the data leaked.
"Much to our regret, we must inform you that data leakage has actually taken place," spokeswoman Amelie Ross told BBC News.

"However, the scope and format of the aforesaid information is way too exaggerated."

She said that 80,000 customers had been affected. Initial reports suggested up to 400,000 customer details had been exposed.

"Naturally, we have communicated with our customers whose data could have been stolen, and described them a situation. We put in place all the necessary remedial measures and continue to work on mechanism of data encryption," she added.
We'll see. If history is any guide, the hack may be even worse. In almost every story of a big hack into corporate computer systems, the initial estimate on the number of accounts impacted is too low, and adjusted upward at a later date.

Either way, it appears that in the process of trying to make children "safe" -- the company may have ended up doing the exact opposite.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    John Fenderson (profile), 28 May 2015 @ 9:22am

    Re: Estimated commercial achievements?

    I think I can explain what they mean: $$$

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.